ai2l
AI2L

Privacy Policy

1. Introduction

Privacy by Design and Commitment to Data Protection

AI2L is committed to protecting the privacy rights of data subjects and implementing privacy-protective measures at every stage of our AI-powered market research platform. We are an AI deep market research platform built on advanced artificial intelligence technologies to provide comprehensive market analysis and business intelligence services.

"AI2L," "we," and "us" refer to Artificial Intelligence to Leads. We offer AI-driven market research analytics services utilising cutting-edge artificial intelligence models, web browsing capabilities, and data reasoning across multiple LLM providers. In this policy, we refer to all these products, together with our other services and websites, as "Services."

This policy covers data we collect when you use our services or communicate with us, including visiting our website, using the AI2L platform, downloading materials, responding to our communications, and attending our events. It also explains your rights regarding your data and outlines our approach to responsible AI development and deployment.

Important Notice about AI-Related Privacy Risks

The use of artificial intelligence technologies in our services presents unique privacy considerations and potential risks that we are committed to addressing transparently:

We implement comprehensive technical and organisational measures to mitigate these risks while providing innovative AI services.

Data Protection and Contact Information

For privacy inquiries, data subject rights requests, or concerns about our AI systems, contact our responsible staff at: home@ai2l.app

Brief Overview: Data We Collect and Legal Basis for Processing

Data CategoryLegal Basis (GDPR Art. 6)Purpose
Contact details (name, email, phone)Consent, ContractCustomer support, service delivery
Technical data (IP address, device ID)Legitimate interest, ConsentWebsite security, analytics, AI model improvement |
AI interaction data (prompts, queries)Contract, Legitimate interestService provision, AI model enhancement
Marketing preferencesConsentSending promotional content
Payment and billing informationContract, Legal obligationProcessing transactions
AI-generated insights and outputsContract, Legitimate interestService delivery, model improvement

We process this data only when necessary and in compliance with applicable laws, including specific AI governance requirements.

AI Acceptable Use and Prohibited Practices

Our AI services must be used in accordance with our Section 6 AI Acceptable Use Policy and are subject to the following fundamental restrictions based on emerging AI regulations:

Prohibited AI Uses:

For detailed guidance, see our AI Responsible Use Guidelines.

Data Retention Policy

We retain personal data only as long as necessary for the specified purposes. AI training data and model parameters are subject to special retention considerations to balance service improvement with privacy rights.

Cookie Policy & Tracking Technologies

We use cookies and similar technologies for analytics, AI model improvement, and user experience enhancement. We obtain explicit opt-in consent before setting non-essential cookies and provide easy-to-use cookie management tools.

Data Transfers Outside the EEA

We transfer data to service providers in the United States, where our cloud infrastructure and AI model providers operate. We ensure GDPR compliance through:

Your Rights Under GDPR, CCPA, and AI-Specific Rights

RightsGDPR (EU Users)CCPA (California Users)AI-Specific Rights
Access data✅ Yes✅ Yes✅ AI decision explanations
Rectification✅ Yes✅ Yes✅ Correct AI inferences
Erasure✅ Yes✅ Yes✅ Remove from AI models*
Object to AI processing✅ Yes❌ No✅ Opt-out of AI decisions
Human review of AI decisions✅ Yes❌ No✅ Request human oversight

*Note: Complete removal from trained AI models may not always be technically feasible. We will provide transparency about limitations.

To exercise your rights, contact: home@ai2l.app

Security Measures for AI Systems

We implement comprehensive security measures for our AI infrastructure:

Children's Privacy and AI

Our AI services are not intended for individuals under 16. We implement age verification measures and will promptly delete any data from minors discovered in our systems.

If you do not agree with this policy, including our AI data processing practices, please do not access or use our services.

2. AI Platform Data Processing

2.1 AI Model Infrastructure and Data Flow

Our AI2L platform operates on a sophisticated AI chain built on n8n.io infrastructure, hosted on Hetzner servers, and integrated with multiple AI model providers:

Core AI Stack:

Data Categories Processed by AI Systems:

2.2 AI Data Processing Purposes and Legal Basis

Service Provision (Legal Basis: Contract - GDPR Art. 6(1)(b))

AI Model Improvement (Legal Basis: Legitimate Interest - GDPR Art. 6(1)(f))

Note on AI Model Training: We do not use personal data for training foundational AI models unless explicitly consented to by users. Our legitimate interest processing focuses on improving service quality and user experience.

2.3 Third-Party AI Model Providers

Google Gemini Models

OpenAI Models

2.4 AI Data Retention and Deletion

AI Interaction Data: 6 months from last interaction

AI-Generated Insights: Retained for service provision duration as specified in service agreements

Model Training Data: Processed under specific consent or legitimate interest, with regular review cycles

Error Logs and Debugging Data: 90 days maximum

2.5 AI-Specific Data Subject Rights

Right to Explanation: You may request information about how AI decisions affecting you were made

Right to Human Review: You may request human oversight of significant automated decisions

Right to Object to AI Processing: You may object to automated decision-making at any time

Right to AI Data Portability: You may request AI-generated insights in a machine-readable format

3. Website Analytics and Cookies

3.1 Data Categories Collected

We collect analytics data to improve our AI services and user experience:

3.2 Analytics Partners

HubSpot Analytics

3.3 Cookie Consent and Management

We implement GDPR-compliant cookie management with:

Cookie Categories:

3.4 Legal Basis and Retention

Legal Basis: Legitimate Interest (GDPR Art. 6(1)(f)) for essential analytics, Consent for marketing and AI enhancement cookies

Retention Period: 7 years for website analytics data

Your Controls: You can manage cookie preferences through our cookie management interface

4. Customer Relationship Management

4.1 CRM Data Processing with AI Enhancement

Our customer relationship management integrates traditional CRM with AI-powered insights:

Data Categories:

4.2 CRM Platform Integration

HubSpot CRM

Apollo.io Integration

4.3 AI-Enhanced Customer Analytics

We use AI to analyse customer interactions and provide improved services:

Legal Basis: Contract performance and legitimate business interests

Opt-out: Customers can opt out of AI-enhanced analytics while maintaining basic CRM functionality

5. Infrastructure and Hosting

5.1 Cloud Infrastructure and Data Processing

Hetzner Cloud Hosting

n8n.io Platform

5.2 Data Security Measures

Technical Safeguards:

Administrative Controls:

5.3 International Data Transfers

EU to US Transfers: When using US-based AI model providers (OpenAI), we implement:

6. AI Acceptable Use Policy

6.1 Acceptable AI Service Usage

Permitted Uses:

Required Practices:

6.2 Prohibited AI Platform Usage

Strictly Prohibited Activities:

Unlawful or Harmful Content Generation:

Privacy and Data Violations:

Discrimination and Bias:

Surveillance and Monitoring:

Market Manipulation:

6.3 AI Governance and Oversight

Human Oversight Requirements:

Compliance Monitoring:

User Responsibilities:

6.4 Enforcement and Violations

Violation Response:

Appeals Process:

Users may appeal enforcement actions by contacting our AI Ethics Review Board at: ai-ethics@ai2l.app

7. Data Subject Rights and AI Transparency

7.1 Enhanced Rights for AI Processing

In addition to standard GDPR rights, we provide enhanced protections for AI-related processing:

Right to AI Explanation:

Right to Human Review:

Right to AI Data Correction:

7.2 AI Transparency Measures

Model Documentation:

We maintain documentation of our AI systems, including:

Algorithmic Auditing:

7.3 Exercising Your Rights

Contact Methods:

Required Information:

To process your request efficiently, please provide:

Response Timeframes:

8. Data Security and AI System Protection

8.1 AI-Specific Security Measures

Model Protection:

Training Data Security:

Inference Security:

8.2 Incident Response for AI Systems

AI-Specific Incidents:

Response Procedures:

  1. Immediate containment and system isolation
  2. Assessment of affected individuals and data
  3. Corrective measures and system updates
  4. Notification to affected parties within 72 hours
  5. Regulatory reporting as required by law
  6. Post-incident review and prevention measures

8.3 Regular Security Assessments

AI Security Auditing:

Compliance Verification:

---

9. International Data Transfers and AI Models

9.1 Cross-Border AI Processing

Our AI services involve international data transfers to access advanced AI capabilities:

Primary Transfer Destinations:

Transfer Safeguards:

9.2 AI Model Provider Compliance

OpenAI (United States):

Google Gemini (United States):

9.3 Data Localisation Options

For customers requiring data localisation:

10. Updates and Changes to AI Privacy Practices

10.1 Policy Updates and Notifications

Update Triggers:

Notification Methods:

10.2 AI Technology Evolution

As AI technology rapidly evolves, we commit to:

10.3 User Control and Consent Management

Ongoing Consent:

Preference Management:

Users can access and modify their AI privacy preferences through:

11. Contact Information and Regulatory Authorities

11.1 Privacy and AI Ethics Contacts

Data Protection Officer:

AI Ethics and Responsible AI:

General Privacy Inquiries:

11.2 Regulatory Authority Information

For EU Residents:

If you believe we have not adequately resolved your privacy concerns, you may file a complaint with your local data protection authority. Contact information for EU data protection authorities is available at:https://edpb.europa.eu/about-edpb/about-edpb/members_en

For California Residents:

California residents may contact the California Attorney General's office regarding privacy concerns:https://oag.ca.gov/contact/consumer-complaint-against-business-or-company

For Other Jurisdictions:

We will provide specific regulatory contact information based on your location upon request.

11.3 Emergency Contact Procedures

Privacy Incidents:

For urgent privacy concerns or suspected data breaches:

AI Safety Concerns:

For AI system safety or ethical concerns:

Last Updated: September 2025

Effective Date: 15.09.2025

Version: 2.0 - AI Enhanced Privacy Policy

Appendix A: Third-Party Service Privacy Policies

Core AI and Infrastructure Providers:

Business and Analytics Tools:

Payment and Communication Services:

Appendix B: Cookie and Tracking Technology Details

[Detailed cookie information table with categories, purposes, retention periods, and third-party details]

Appendix C: AI Model Technical Specifications

[Technical details about AI models used, their capabilities, limitations, and privacy-preserving features implemented]